]]>BlackSwan2011-03-11T20:27:12-00:00Re: Authenticating Oracle User based on Windows User Idhttp://www.orafaq.com/forum/./mv/msg/168811/498894/#msg_498894
2/ If you want to have different privileges depending on parameters (IP, time or any other) then use Secure Application Roles; these are roles that can only be activated calling a package (associated to the roles). So once the user is connected (you just give him the CREATE SESSION privilege), he calls a procedure and this procedure activates the role(s) depending on the user and associated parameters.

3/ Never use Oracle predefined roles (like CONNECT), they are for Oracle ONLY.

The use of OPS$ accounts in strongly inadvisable because you are weakening the security of your system. Additionally, the use of shared database accounts is inadvisable.

The use of OPS$ accounts was an administrative convenience widely in practice up to about 10 years ago and was often used to prevent the need to publish unencrypted passwords for batch processing tasks. The use of shared databases accounts is often due to a lack of schema design and poor attention to user security.

These days, OPS$ accounts are the first and most basic mechanism for attaching a database and are always removed during the initial stages of security hardening.

However, if you really do intend to continue with your strategy, then to get Windows OS authentication you should read the Tim Hall article in more details because the answer to your original question is one paragraph below the example you provided above. If you have lost the article reference it is here.

The part of the article you are looking for discusses SQLNET.AUTHENTICATION_SERVICES in a windows environment.